Use the correct cert when connecting to the LDAP server

diff --git a/Util.pm b/Util.pm
index 27060d7..92ea455 100644 (file)
--- a/Util.pm
+++ b/Util.pm
@@ -359,7 +359,9 @@ sub UpgradeConnection($) {
   my ($ldap) = @_;
   my $mesg = $ldap->start_tls(
                           verify => 'require',
-                          cafile => '/etc/ssl/certs/spi-cacert-2008.pem'
+                          # Cannot specify the server cert, must specify the CA cert
+                          #cafile => '/etc/ssl/servicecerts/db.debian.org.crt'
+                          cafile => '/etc/ssl/certs/UTN_USERFirst_Hardware_Root_CA.pem'
                           );
   $mesg->sync;
   if ($mesg->code != LDAP_SUCCESS) {